1   /**
2    * Copyright (c) 2000-2009 Liferay, Inc. All rights reserved.
3    *
4    * Permission is hereby granted, free of charge, to any person obtaining a copy
5    * of this software and associated documentation files (the "Software"), to deal
6    * in the Software without restriction, including without limitation the rights
7    * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
8    * copies of the Software, and to permit persons to whom the Software is
9    * furnished to do so, subject to the following conditions:
10   *
11   * The above copyright notice and this permission notice shall be included in
12   * all copies or substantial portions of the Software.
13   *
14   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
19   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
20   * SOFTWARE.
21   */
22  
23  package com.liferay.portal.service.impl;
24  
25  import com.liferay.portal.NoSuchResourcePermissionException;
26  import com.liferay.portal.PortalException;
27  import com.liferay.portal.SystemException;
28  import com.liferay.portal.model.ResourceAction;
29  import com.liferay.portal.model.ResourceConstants;
30  import com.liferay.portal.model.ResourcePermission;
31  import com.liferay.portal.model.ResourcePermissionConstants;
32  import com.liferay.portal.model.Role;
33  import com.liferay.portal.model.RoleConstants;
34  import com.liferay.portal.security.permission.PermissionCacheUtil;
35  import com.liferay.portal.security.permission.ResourceActionsUtil;
36  import com.liferay.portal.service.base.ResourcePermissionLocalServiceBaseImpl;
37  import com.liferay.portal.util.PortalUtil;
38  
39  import java.util.ArrayList;
40  import java.util.Collections;
41  import java.util.List;
42  
43  /**
44   * <a href="ResourcePermissionLocalServiceImpl.java.html"><b><i>View Source</i>
45   * </b></a>
46   *
47   * @author Brian Wing Shun Chan
48   */
49  public class ResourcePermissionLocalServiceImpl
50      extends ResourcePermissionLocalServiceBaseImpl {
51  
52      public void addResourcePermission(
53              long companyId, String name, int scope, String primKey, long roleId,
54              String actionId)
55          throws PortalException, SystemException {
56  
57          if (scope == ResourceConstants.SCOPE_COMPANY) {
58  
59              // Remove group permission
60  
61              removeResourcePermissions(
62                  companyId, name, ResourceConstants.SCOPE_GROUP, roleId,
63                  actionId);
64          }
65          else if (scope == ResourceConstants.SCOPE_GROUP) {
66  
67              // Remove company permission
68  
69              removeResourcePermissions(
70                  companyId, name, ResourceConstants.SCOPE_COMPANY, roleId,
71                  actionId);
72          }
73          else if (scope == ResourceConstants.SCOPE_INDIVIDUAL) {
74              throw new NoSuchResourcePermissionException();
75          }
76  
77          updateResourcePermission(
78              companyId, name, scope, primKey, roleId, new String[] {actionId},
79              ResourcePermissionConstants.OPERATOR_ADD);
80  
81          PermissionCacheUtil.clearCache();
82      }
83  
84      public List<String> getAvailableResourcePermissionActionIds(
85              long companyId, String name, int scope, String primKey, long roleId,
86              List<String> actionIds)
87          throws PortalException, SystemException {
88  
89          ResourcePermission resourcePermission =
90              resourcePermissionPersistence.fetchByC_N_S_P_R(
91                  companyId, name, scope, primKey, roleId);
92  
93          if (resourcePermission == null) {
94              return Collections.EMPTY_LIST;
95          }
96  
97          List<String> availableActionIds = new ArrayList<String>(
98              actionIds.size());
99  
100         for (String actionId : actionIds) {
101             ResourceAction resourceAction =
102                 resourceActionLocalService.getResourceAction(name, actionId);
103 
104             if (hasActionId(resourcePermission, resourceAction)) {
105                 availableActionIds.add(actionId);
106             }
107         }
108 
109         return availableActionIds;
110     }
111 
112     public int getResourcePermissionsCount(
113             long companyId, String name, int scope, String primKey)
114         throws SystemException {
115 
116         return resourcePermissionPersistence.countByC_N_S_P(
117             companyId, name, scope, primKey);
118     }
119 
120     public List<ResourcePermission> getRoleResourcePermissions(long roleId)
121         throws SystemException {
122 
123         return resourcePermissionPersistence.findByRoleId(roleId);
124     }
125 
126     public boolean hasActionId(
127         ResourcePermission resourcePermission, ResourceAction resourceAction) {
128 
129         long actionIds = resourcePermission.getActionIds();
130         long bitwiseValue = resourceAction.getBitwiseValue();
131 
132         if ((actionIds & bitwiseValue) == bitwiseValue) {
133             return true;
134         }
135         else {
136             return false;
137         }
138     }
139 
140     public boolean hasResourcePermission(
141             long companyId, String name, int scope, String primKey, long roleId,
142             String actionId)
143         throws PortalException, SystemException {
144 
145         ResourcePermission resourcePermission =
146             resourcePermissionPersistence.fetchByC_N_S_P_R(
147                 companyId, name, scope, primKey, roleId);
148 
149         if (resourcePermission == null) {
150             return false;
151         }
152 
153         ResourceAction resourceAction =
154             resourceActionLocalService.getResourceAction(name, actionId);
155 
156         if (hasActionId(resourcePermission, resourceAction)) {
157             return true;
158         }
159         else {
160             return false;
161         }
162     }
163 
164     public boolean hasScopeResourcePermission(
165             long companyId, String name, int scope, long roleId,
166             String actionId)
167         throws PortalException, SystemException {
168 
169         List<ResourcePermission> resourcePermissions =
170             resourcePermissionPersistence.findByC_N_S(companyId, name, scope);
171 
172         for (ResourcePermission resourcePermission : resourcePermissions) {
173             if (hasResourcePermission(
174                     companyId, name, scope, resourcePermission.getPrimKey(),
175                     roleId, actionId)) {
176 
177                 return true;
178             }
179         }
180 
181         return false;
182     }
183 
184     public void mergePermissions(long fromRoleId, long toRoleId)
185         throws PortalException, SystemException {
186 
187         Role fromRole = rolePersistence.findByPrimaryKey(fromRoleId);
188         Role toRole = rolePersistence.findByPrimaryKey(toRoleId);
189 
190         if (fromRole.getType() != toRole.getType()) {
191             throw new PortalException("Role types are mismatched");
192         }
193         else if (PortalUtil.isSystemRole(toRole.getName())) {
194             throw new PortalException("Cannot move permissions to system role");
195         }
196         else if (PortalUtil.isSystemRole(fromRole.getName())) {
197             throw new PortalException(
198                 "Cannot move permissions from system role");
199         }
200 
201         List<ResourcePermission> resourcePermissions =
202             getRoleResourcePermissions(fromRoleId);
203 
204         for (ResourcePermission resourcePermission : resourcePermissions) {
205             resourcePermission.setRoleId(toRoleId);
206 
207             resourcePermissionPersistence.update(resourcePermission, false);
208         }
209 
210         roleLocalService.deleteRole(fromRoleId);
211 
212         PermissionCacheUtil.clearCache();
213     }
214 
215     public void reassignPermissions(long resourcePermissionId, long toRoleId)
216         throws PortalException, SystemException {
217 
218         ResourcePermission resourcePermission = getResourcePermission(
219             resourcePermissionId);
220 
221         long companyId = resourcePermission.getCompanyId();
222         String name = resourcePermission.getName();
223         int scope = resourcePermission.getScope();
224         String primKey = resourcePermission.getPrimKey();
225         long fromRoleId = resourcePermission.getRoleId();
226 
227         Role toRole = roleLocalService.getRole(toRoleId);
228 
229         List<String> actionIds = null;
230 
231         if (toRole.getType() == RoleConstants.TYPE_REGULAR) {
232             actionIds = ResourceActionsUtil.getModelResourceActions(name);
233         }
234         else {
235             actionIds =
236                 ResourceActionsUtil.getModelResourceCommunityDefaultActions(
237                     name);
238         }
239 
240         setResourcePermissions(
241             companyId, name, scope, primKey, toRoleId,
242             actionIds.toArray(new String[actionIds.size()]));
243 
244         resourcePermissionPersistence.remove(resourcePermissionId);
245 
246         List<ResourcePermission> resourcePermissions =
247             getRoleResourcePermissions(fromRoleId);
248 
249         if (resourcePermissions.isEmpty()) {
250             roleLocalService.deleteRole(fromRoleId);
251         }
252     }
253 
254     public void removeResourcePermission(
255             long companyId, String name, int scope, String primKey, long roleId,
256             String actionId)
257         throws PortalException, SystemException {
258 
259         updateResourcePermission(
260             companyId, name, scope, primKey, roleId, new String[] {actionId},
261             ResourcePermissionConstants.OPERATOR_REMOVE);
262 
263         PermissionCacheUtil.clearCache();
264     }
265 
266     public void removeResourcePermissions(
267             long companyId, String name, int scope, long roleId,
268             String actionId)
269         throws PortalException, SystemException {
270 
271         List<ResourcePermission> resourcePermissions =
272             resourcePermissionPersistence.findByC_N_S(companyId, name, scope);
273 
274         for (ResourcePermission resourcePermission : resourcePermissions) {
275             updateResourcePermission(
276                 companyId, name, scope, resourcePermission.getPrimKey(), roleId,
277                 new String[] {actionId},
278                 ResourcePermissionConstants.OPERATOR_REMOVE);
279         }
280 
281         PermissionCacheUtil.clearCache();
282     }
283 
284     public void setResourcePermissions(
285             long companyId, String name, int scope, String primKey, long roleId,
286             String[] actionIds)
287         throws PortalException, SystemException {
288 
289         updateResourcePermission(
290             companyId, name, scope, primKey, roleId, actionIds,
291             ResourcePermissionConstants.OPERATOR_SET);
292     }
293 
294     protected void updateResourcePermission(
295             long companyId, String name, int scope, String primKey, long roleId,
296             String[] actionIds, int operator)
297         throws PortalException, SystemException {
298 
299         ResourcePermission resourcePermission =
300             resourcePermissionPersistence.fetchByC_N_S_P_R(
301                 companyId, name, scope, primKey, roleId);
302 
303         if (resourcePermission == null) {
304             if (operator == ResourcePermissionConstants.OPERATOR_REMOVE) {
305                 return;
306             }
307 
308             long resourcePermissionId = counterLocalService.increment(
309                 ResourcePermission.class.getName());
310 
311             resourcePermission = resourcePermissionPersistence.create(
312                 resourcePermissionId);
313 
314             resourcePermission.setCompanyId(companyId);
315             resourcePermission.setName(name);
316             resourcePermission.setScope(scope);
317             resourcePermission.setPrimKey(primKey);
318             resourcePermission.setRoleId(roleId);
319         }
320 
321         long actionIdsLong = resourcePermission.getActionIds();
322 
323         if (operator == ResourcePermissionConstants.OPERATOR_SET) {
324             actionIdsLong = 0;
325         }
326 
327         for (String actionId : actionIds) {
328             ResourceAction resourceAction =
329                 resourceActionLocalService.getResourceAction(name, actionId);
330 
331             if ((operator == ResourcePermissionConstants.OPERATOR_ADD) ||
332                 (operator == ResourcePermissionConstants.OPERATOR_SET)) {
333 
334                 actionIdsLong |= resourceAction.getBitwiseValue();
335             }
336             else {
337                 actionIdsLong =
338                     actionIdsLong & (~resourceAction.getBitwiseValue());
339             }
340         }
341 
342         resourcePermission.setActionIds(actionIdsLong);
343 
344         resourcePermissionPersistence.update(resourcePermission, false);
345 
346         PermissionCacheUtil.clearCache();
347     }
348 
349 }